Attention: The forums will be placed on read only mode this Saturday (Oct. 20, 2018)

During this outage (6:30 AM to 8 PM PDT) the forums will be placed on read only mode. We apologize for this inconvenience. Click here to read details

Spyware, Viruses, & Security forum

General discussion

News - December 15, 2004

by Brent Welch / December 14, 2004 2:28 PM PST

Microsoft patches spell happy holidays

Microsoft managed to give a small holiday gift to network administrators this month: No critical patches. The software giant released five patches to fix nine issues in its Windows operating systems on Tuesday, with none of the security holes rated as a serious threat. Microsoft warned last week that the fix would be coming.

"All the flaws have something about them that makes it more difficult for an attacker to exploit them," said Stephen Toulouse, a security program manager in Microsoft's security response center. Earlier this month, Microsoft issued an unscheduled critical patch for Internet Explorer. It plugged a security hole that opened PCs with the Web browser up to attack by online fraudsters.

The five December advisories are the last fixes scheduled for release this year. If the company does not release any more security bulletins this month, it will have released 45 patches in 2004, down from 51 in 2003.

http://news.com.com/Microsoft+patches+spell+happy+holidays/2100-1002_3-5491114.html

Discussion is locked
You are posting a reply to: News - December 15, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - December 15, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
E-mail hoax sparks 'Do Not Call' stampede
by Brent Welch / December 14, 2004 7:28 PM PST

A hoax e-mail circulating the Internet has millions of Americans scurrying to add their cell phones to a national Do Not Call list to avoid telemarketers.

The e-mail warns recipients that telemarketers will have new rights to call cell phones beginning Jan. 1, if people don't request anonymity by Wednesday. In the last week, 9.5 million people registered with the Do Not Call list, many as a result of the warning, according to its governing agency the Federal Trade Commission. The FTC typically fields up to 200,000 requests in a week, according to FTC spokeswoman Jen Schwartzman.

"People are panicked, and I think the only thing they got right in the e-mail is our Web site registration information," Schwartzman said.

http://news.com.com/E-mail+hoax+sparks+Do+Not+Call+stampede/2100-1024_3-5491349.html

Collapse -
Finnish police raid BitTorrent site, arrest 34
by Brent Welch / December 14, 2004 7:37 PM PST

Police in Finland have raided the operations of a popular BitTorrent file download site, seizing equipment and arresting four people who ran the site. Around 30 volunteers who helped moderate the site were also arrested. Police say the site had 10,000 users, all Finnish, who downloaded illegally-copied content worth millions of euros. The site featured 6000 torrents, including film, videos, music and games.

If convicted, the site operators face jail of up to two years and are liable for claims for damages from content owners. According to Finnish-language newspaper reports, the police liaised with Interpol and Elisa, a local ISP, in their investigations.

The Motion Picture ***. of America (MPAA) today announced that it is pursuing civil actions against hundreds of server operators of BitTorrent, eDonkey and DirectConnect P2P file-swapping networks, in its war on internet movie piracy.

http://www.theregister.co.uk/2004/12/14/finnish_police_raid_bittorrent_site/

Collapse -
Google under pressure over desktop search
by Brent Welch / December 14, 2004 7:40 PM PST

Analyst firm Gartner has put out a statement warning businesses to steer clear of Google's desktop search tool until a more robust, enterprise-ready version is released.

While the tool is potentially extremely attractive to employees, IT managers should discourage users from adopting it and instead opt for a more a more business-ready, secure search engine, Gartner claimed in a recent research note.

"We have no problem with it being used for personal use. Our concern is when it is used in a corporation we have some security and privacy issues. Google says it will collect only non-personal data, but in a corporation how can you monitor what?s being collected?" said Gartner research director Maurene Grey.

http://news.zdnet.co.uk/0,39020330,39181168,00.htm

Collapse -
Bugs Bring New Dangers to Acrobat Users
by Brent Welch / December 14, 2004 10:18 PM PST

Adobe Systems Inc. has warned of two serious security flaws affecting Windows, Mac OS X and Unix versions of its Acrobat software. The bugs could allow an attacker to execute malicious code on a user's system via a PDF file distributed via e-mail, according to security researchers.

The first flaw affects Version 6.0.2 of Acrobat Reader, according to an advisory posted to the Bugtraq mailing list by security research firm iDefense, which discovered both bugs. Reader incorrectly parses the .etd files used in eBook transactions so that an .etd file containing special code in the "title" or "baseurl" fields can cause an invalid memory access.

This could allow the execution of malicious code with the privileges of the user, iDefense said. An attacker could exploit this bug by sending an e-mail message including either an attached PDF file or a link to the file.

http://www.eweek.com/article2/0,1759,1741481,00.asp?kc=EWRSS03119TX1K0000594

Collapse -
There IS a fix for this by
by roddy32 / December 14, 2004 10:47 PM PST

updating to the 6.0.3 version which can be obtained here and scrolling down to where it says "Vendor reponse" and clicking on the link for your particular platform. I had trouble earlier getting the Adobe Link for the "reader/win" one to load which is my version but eventually it loaded and I was able to update. I am assuming that it is because they are busy. The download for that version is 1.8MB and the wizard will install it over your old version.

http://www.idefense.com/application/poi/display?id=163&type=vulnerabilities&flashstatus=true

Collapse -
'Phishing' attacks rocket in November
by roddy32 / December 15, 2004 9:02 AM PST

Published: December 15, 2004, 1:41 PM PST
By Dawn Kawamoto
Staff Writer, CNET News.com

update Fraudsters ramped up "phishing" attacks by 29 percent in November, according to a new report.


The number of phishing sites, or fake Web sites set up to fool victims into handing over personal information, reached 1,518 last month, the Anti-Phishing Working Group said in a report released on Wednesday. The total was up almost a third over October and three times the level in September.

Internet service providers EarthLink and MSN, owned by Microsoft, were the focus of particularly heavy attack, the trade group said.

"EarthLink and MSN came up quickly in the stats for November," said David Jevans, chairman of the Anti-Phishing Working Group. Hundreds of reports of an EarthLink phishing scam were submitted in the last six days of the month, and a similar influx for the MSN attempt came in over the last two days, he said.

Rest of it is here.
http://news.com.com/Phishing+attacks+rocket+in+November/2100-7349-5491794.html?part=dht&tag=ntop&tag=nl.e433

Collapse -
MS owns Earthlink
by Lenny K / December 15, 2004 10:24 AM PST

OK, the rock I just crawled out from under did not broadcast that MS owns Earthlink.

Details please.

Collapse -
Lenny I think they worded that wrong.
by roddy32 / December 15, 2004 10:47 AM PST
In reply to: MS owns Earthlink

I did a doubletake when I read it too. They could have worded it better or maybe put a "comma" after Earthlink. I think they just meant that MSN is owned my Microsoft. I realize that it looks like that but I don't think that is what they meant. This is the paragraph you are talking about.

Internet service providers EarthLink and MSN, owned by Microsoft, were the focus of particularly heavy attack, the trade group said.

Collapse -
grand poo bah
by Lenny K / December 15, 2004 9:09 AM PST

Congratulations Brent on what seems to be your first MODERATOR initiated post.

Not to mention the normal congrats on rising to the level of grand poo bah here. :^O

Collapse -
Thank-you, Lenny
by Brent Welch / December 15, 2004 9:48 AM PST
In reply to: grand poo bah

.

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!